8e5d900929f8bcc957cf6128d363a134d2ed9a974d06625754588df5a536e9df | Triage

Sharing

General

Target

8e5d900929f8bcc957cf6128d363a134d2ed9a974d06625754588df5a536e9df
Size

1.8MB
Sample

231011-l3sswahg95
MD5

fb64d585bd061f4673392e75e9c9eb7d
SHA1

23a5be07b94812ce10eba000b4618815a847a945
SHA256

8e5d900929f8bcc957cf6128d363a134d2ed9a974d06625754588df5a536e9df
SHA512

2de86db493a082f28271ffb03600ba751c14f1d3c89a5e5ee8d391db915690758585d74f3dda21f715e7e534f1fa2a955f99cef08ce3f9ec25cee0b1f15de489
SSDEEP

24576:oXqM74u6Ua0bx+Gx9vmDFrfajHY3usxuthJDcSY:ot4vjmHxVmDFbe9h4

Score

9^/10

evasion persistence

Malware Config

Targets

- Target
  
  8e5d900929f8bcc957cf6128d363a134d2ed9a974d06625754588df5a536e9df
- Size
  
  1.8MB
- MD5
  
  fb64d585bd061f4673392e75e9c9eb7d
- SHA1
  
  23a5be07b94812ce10eba000b4618815a847a945
- SHA256
  
  8e5d900929f8bcc957cf6128d363a134d2ed9a974d06625754588df5a536e9df
- SHA512
  
  2de86db493a082f28271ffb03600ba751c14f1d3c89a5e5ee8d391db915690758585d74f3dda21f715e7e534f1fa2a955f99cef08ce3f9ec25cee0b1f15de489
- SSDEEP
  
  24576:oXqM74u6Ua0bx+Gx9vmDFrfajHY3usxuthJDcSY:ot4vjmHxVmDFbe9h4
Score

9^/10

evasion persistence
- Looks for VirtualBox drivers on disk
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

File and Directory Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence